package com.loyal.loyalerp.controller;

import java.io.IOException;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.loyal.loyalerp.commons.ServerResponse;
import com.loyal.loyalerp.mapper.EmployeeMapper;
import com.loyal.loyalerp.model.GyUser;
import com.loyal.loyalerp.service.EmployeeService;
import com.loyal.loyalerp.utils.MD5Password;

@Controller
public class LoginController {
	@Autowired
	EmployeeMapper employeeMapper;

	@Autowired
	private EmployeeService employeeService;

	@RequestMapping("/")
	public String index() {
		return "index";
	}

	@RequestMapping("/login")
	public String login() {
		return "login";
	}

	/**
	 * 用户登出
	 */
	@RequestMapping("/logout")
	public String logout() {
		Subject subject = SecurityUtils.getSubject();
		if (subject.isAuthenticated()) {
			subject.logout();// 用户退出，session监听销毁session
		}
		return "redirect:/login.jsp";
	}

	@ResponseBody
	@RequestMapping("/loginAction")
	public Object loginAction(@RequestParam("id") String id, @RequestParam("password") String password,
			HttpServletResponse response, HttpServletRequest request) throws IOException, ServletException {
		Subject currentUser = SecurityUtils.getSubject();
		UsernamePasswordToken token = new UsernamePasswordToken(id, new MD5Password().md5(password));
		try {
			currentUser.login(token);
			return ServerResponse.createBySuccess("登陆成功");
		} catch (UnknownAccountException e) {
			// TODO: handle exception
			return ServerResponse.createByError("员工号不存在");
		} catch (NumberFormatException e) {
			return ServerResponse.createByError("员工号应该是一个整数值");
		} catch (AuthenticationException e) {
			return ServerResponse.createByError("密码错误");
		}

	}

	@ResponseBody
	@RequestMapping("/loginByMobile")
	public Object loginByMobile(@RequestParam("mobile") String mobile, @RequestParam("password") String password,
			HttpServletResponse response, HttpServletRequest request) throws IOException, ServletException {
		Subject currentUser = SecurityUtils.getSubject();
		System.out.println(mobile);
		List<GyUser> user = employeeService.getUserByMobile(mobile);
		if (null == user || user.size() == 0) {
			return ServerResponse.createByError("手机号尚未注册！");
		} else if (user.size() > 1) {
			return ServerResponse.createByError("手机号重复！");
		}
		UsernamePasswordToken token = new UsernamePasswordToken(user.get(0).getUsercode(),
				new MD5Password().md5(password));
		try {
			currentUser.login(token);
			return ServerResponse.createBySuccess("登陆成功");
		} catch (UnknownAccountException e) {
			// TODO: handle exception
			return ServerResponse.createByError("员工号不存在");
		} catch (NumberFormatException e) {
			return ServerResponse.createByError("员工号应该是一个整数值");
		} catch (AuthenticationException e) {
			return ServerResponse.createByError("密码错误");
		}

	}

}
